We performed a comparison between IBM Security QRadar and Varonis Datalert based on real PeerSpot user reviews.
"It is a very optimized engine."
"Stability-wise, I rate the solution a ten out of ten."
"The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA)."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"It has improved my efficiency."
"It protects us from multiple authentication values, unauthorized access and antivirus threats."
"The solution is flexible and easy to use."
"We run 65 servers globally with just two people: an engineering person and me."
"The analytics would have to be our most valuable feature."
"On the Varonis side, technical support is phenomenal. Their ability to explain is very good, and they seem to be very knowledgeable. When I get an alert that doesn't quite make sense, they dive in there and kind of take me through it. That's very useful and very good. There are some false alerts, but it is better to have a false alert than no alert at all."
"The 24/7 support is the most valuable feature. They have been able to answer support questions pretty quickly."
"That alerting and reporting service is great."
"The telemetry to capture everything and the reports are very easy to configure without having a developer degree."
"It can easily identify unusual behavior or access patterns that may pose a potential threat, while operating as a unified reporting system."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"Their technical support is not good. We opened a lot of cases and from my experience, they are not complicated issues but it takes forever to get an answer."
"Do your research before implementing it, because it is tough to implement."
"The product does not have a team for investigating malware."
"The modularity could be improved."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
"QRadar needs to be improved on the storage side, particularly when the disk exceeds the maximum threshold."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"It is significantly complex."
"The GUI should be more functional. There should be a process for connecting through Chrome, Internet Explorer, etc."
"For unstructured data monitoring, it's one of the top ones, if not the top one, due to its usability."
"We have Microsoft Office 365. I just saw an article today which says that they're actually getting integrated with Microsoft Office 365, which would be a useful feature. For user-based reports, logon activity, and stuff like that, it doesn't seem to really be present like Log360. That could just be my inexperience with it. I've been dealing with it for only about two and a half months."
"I would like it to have cloud integration."
"I'd like to see automatic updates for this solution. Currently, it's a manual process to update all the keywords."
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while Varonis Datalert is ranked 8th in User Entity Behavior Analytics (UEBA) with 6 reviews. IBM Security QRadar is rated 8.0, while Varonis Datalert is rated 8.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Varonis Datalert writes "Offers the ability to identify sensitive areas, allowing you to drill down into the sensitive data". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Varonis Datalert is most compared with Splunk User Behavior Analytics, Microsoft Defender for Identity, Exabeam Fusion SIEM and Rapid7 InsightIDR.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.